1. CVE-Search
  2. CVE-2019-5322
ID CVE-2019-5322
Summary A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions.
References
Vulnerable Configurations
  • cpe:2.3:o:arubanetworks:5400r_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:5400r_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:5400r_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:5400r_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:5400r_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:5400r_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:5400r:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:5400r:-:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:3810_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:3810_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:3810_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:3810_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:3810_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:3810_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:3810:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:3810:-:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2920_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2920_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2920_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2920_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2920_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2920_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:2920:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:2920:-:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2930_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2930_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2930_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2930_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2930_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2930_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:2930:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:2930:-:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:2530_with_gigt_port:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:2530_with_gigt_port:-:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2530_10\/100_port_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2530_10\/100_port_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2530_10\/100_port_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2530_10\/100_port_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2530_10\/100_port_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2530_10\/100_port_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:2530_10\/100_port:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:2530_10\/100_port:-:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2540_firmware:16.08.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2540_firmware:16.08.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2540_firmware:16.09.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2540_firmware:16.09.0:*:*:*:*:*:*:*
  • cpe:2.3:o:arubanetworks:2540_firmware:16.10.0:*:*:*:*:*:*:*
    cpe:2.3:o:arubanetworks:2540_firmware:16.10.0:*:*:*:*:*:*:*
  • cpe:2.3:h:arubanetworks:2540:-:*:*:*:*:*:*:*
    cpe:2.3:h:arubanetworks:2540:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
misc https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-001.txt
Last major update 24-08-2020 - 17:37
Published 13-02-2020 - 00:15
Last modified 24-08-2020 - 17:37
Back to Top